frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Start all of your commands with a comma (2009)

https://rhodesmill.org/brandon/2009/commands-with-comma/
256•theblazehen•2d ago•85 comments

Hoot: Scheme on WebAssembly

https://www.spritely.institute/hoot/
26•AlexeyBrin•1h ago•2 comments

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

https://openciv3.org/
706•klaussilveira•15h ago•206 comments

The Waymo World Model

https://waymo.com/blog/2026/02/the-waymo-world-model-a-new-frontier-for-autonomous-driving-simula...
969•xnx•21h ago•558 comments

Vocal Guide – belt sing without killing yourself

https://jesperordrup.github.io/vocal-guide/
69•jesperordrup•6h ago•31 comments

Reinforcement Learning from Human Feedback

https://arxiv.org/abs/2504.12501
7•onurkanbkrc•47m ago•0 comments

Making geo joins faster with H3 indexes

https://floedb.ai/blog/how-we-made-geo-joins-400-faster-with-h3-indexes
135•matheusalmeida•2d ago•35 comments

Where did all the starships go?

https://www.datawrapper.de/blog/science-fiction-decline
45•speckx•4d ago•36 comments

Unseen Footage of Atari Battlezone Arcade Cabinet Production

https://arcadeblogger.com/2026/02/02/unseen-footage-of-atari-battlezone-cabinet-production/
68•videotopia•4d ago•7 comments

Welcome to the Room – A lesson in leadership by Satya Nadella

https://www.jsnover.com/blog/2026/02/01/welcome-to-the-room/
39•kaonwarb•3d ago•30 comments

ga68, the GNU Algol 68 Compiler – FOSDEM 2026 [video]

https://fosdem.org/2026/schedule/event/PEXRTN-ga68-intro/
13•matt_d•3d ago•2 comments

What Is Ruliology?

https://writings.stephenwolfram.com/2026/01/what-is-ruliology/
45•helloplanets•4d ago•46 comments

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

https://github.com/valdanylchuk/breezydemo
240•isitcontent•16h ago•26 comments

Monty: A minimal, secure Python interpreter written in Rust for use by AI

https://github.com/pydantic/monty
238•dmpetrov•16h ago•126 comments

Show HN: I spent 4 years building a UI design tool with only the features I use

https://vecti.com
340•vecti•18h ago•149 comments

Hackers (1995) Animated Experience

https://hackers-1995.vercel.app/
506•todsacerdoti•23h ago•248 comments

Sheldon Brown's Bicycle Technical Info

https://www.sheldonbrown.com/
389•ostacke•22h ago•98 comments

Show HN: If you lose your memory, how to regain access to your computer?

https://eljojo.github.io/rememory/
304•eljojo•18h ago•188 comments

Microsoft open-sources LiteBox, a security-focused library OS

https://github.com/microsoft/litebox
361•aktau•22h ago•186 comments

An Update on Heroku

https://www.heroku.com/blog/an-update-on-heroku/
428•lstoll•22h ago•284 comments

Cross-Region MSK Replication: K2K vs. MirrorMaker2

https://medium.com/lensesio/cross-region-msk-replication-a-comprehensive-performance-comparison-o...
3•andmarios•4d ago•1 comments

PC Floppy Copy Protection: Vault Prolok

https://martypc.blogspot.com/2024/09/pc-floppy-copy-protection-vault-prolok.html
71•kmm•5d ago•10 comments

Was Benoit Mandelbrot a hedgehog or a fox?

https://arxiv.org/abs/2602.01122
23•bikenaga•3d ago•11 comments

Dark Alley Mathematics

https://blog.szczepan.org/blog/three-points/
96•quibono•4d ago•22 comments

The AI boom is causing shortages everywhere else

https://www.washingtonpost.com/technology/2026/02/07/ai-spending-economy-shortages/
26•1vuio0pswjnm7•2h ago•16 comments

How to effectively write quality code with AI

https://heidenstedt.org/posts/2026/how-to-effectively-write-quality-code-with-ai/
271•i5heu•18h ago•219 comments

Delimited Continuations vs. Lwt for Threads

https://mirageos.org/blog/delimcc-vs-lwt
34•romes•4d ago•3 comments

I now assume that all ads on Apple news are scams

https://kirkville.com/i-now-assume-that-all-ads-on-apple-news-are-scams/
1079•cdrnsf•1d ago•461 comments

Introducing the Developer Knowledge API and MCP Server

https://developers.googleblog.com/introducing-the-developer-knowledge-api-and-mcp-server/
64•gfortaine•13h ago•30 comments

Understanding Neural Network, Visually

https://visualrambling.space/neural-network/
306•surprisetalk•3d ago•44 comments
Open in hackernews

Show HN: Lume 0.2 – Build and Run macOS VMs with unattended setup

https://cua.ai/docs/lume/guide/getting-started/introduction
154•frabonacci•2w ago
Hey HN, Lume is an open-source CLI for running macOS and Linux VMs on Apple Silicon. Since launch (https://news.ycombinator.com/item?id=42908061), we've been using it to run AI agents in isolated macOS environments. We needed VMs that could set themselves up, so we built that.

Here's what's new in 0.2:

*Unattended Setup* – Go from IPSW to a fully configured VM without touching the keyboard. We built a VNC + OCR system that clicks through macOS Setup Assistant automatically. No more manual setup before pushing to a registry:

  lume create my-vm --os macos --ipsw latest --unattended tahoe
You can write custom YAML configs to set up any macOS version your way.

*HTTP API + Daemon* – A REST API on port 7777 that runs as a background service. Your scripts and CI pipelines can manage VMs that persist even if your terminal closes:

  curl -X POST localhost:7777/lume/vms/my-vm/run -d '{"noDisplay": true}'
*MCP Server* – Native integration with Claude Desktop and AI coding agents. Claude can create, run, and execute commands in VMs directly:

  # Add to Claude Desktop config
  "lume": { "command": "lume", "args": ["serve", "--mcp"] }
    
  # Then just ask: "Create a sandbox VM and run my tests"
*Multi-location Storage* – macOS disk space is always tight, so from user feedback we added support for external drives. Add an SSD, move VMs between locations:

  lume config storage add external-ssd /Volumes/ExternalSSD/lume
  lume clone my-vm backup --source-storage default --dest-storage external-ssd
*Registry Support* – Pull and push VM images from GHCR or GCS. Create a golden image once, share it across your team.

We're seeing people use Lume for: - Running Claude Code in an isolated VM (your host stays clean, reset mistakes by cloning) - CI/CD pipelines for Apple platform apps - Automated UI testing across macOS versions - Disposable sandboxes for security research

To get started:

  /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/trycua/cua/main/libs/lume/scripts/install.sh)"

  lume create sandbox --os macos --ipsw latest --unattended tahoe
  lume run sandbox --shared-dir ~/my-project
Lume is MIT licensed and Apple Silicon only (M1/M2/M3/M4) since it uses Apple's native Virtualization Framework directly—no emulation.

Lume runs on EC2 Mac instances and Scaleway if you need cloud infrastructure. We're also working on a managed cloud offering for teams that need macOS compute on demand—if you're interested, reach out.

We're actively developing this as part of Cua (https://github.com/trycua/cua), our Computer Use Agent SDK. We'd love your feedback, bug reports, or feature ideas.

GitHub: https://github.com/trycua/cua Docs: https://cua.ai/docs/lume

We'll be here to answer questions!

Comments

whinvik•2w ago
Sorry for the naive question but specifically for running Claude on a sandbox, why do people decide to use lume as opposed to running it on Docker?
frabonacci•2w ago
Docker on Mac runs Linux containers inside a Linux VM - you can't run macOS in Docker. So if you need Claude / Codex / OpenCode to interact with:

- macOS GUI apps (Xcode, Numbers, Safari, etc.) - macOS desktop automation (screenshots, mouse/keyboard input, accessibility APIs) - macOS CI/CD (building iOS/macOS apps, running XCTest)

...you need an actual macOS VM, which is what Lume provides.

fishtacos•2w ago
I wonder what the additional layer of virtualization changes with respect to this in a project like this one: https://github.com/dockur/macos

The unattended setup is a large improvement, which also begs the question: Mac OS doesn't have an unattended.xml alternative for its installer?

happyopossum•2w ago
macOS has unattended setup options via MDM or Apple Configurator…
easton•2w ago
Can you do zero touch without having an Apple Business account (so, a DUNS number) and a MDM?

I thought this was a silly way to do it too, but upon reflection I don’t know if you can zero touch setup a Mac without registering a device in DEP.

frabonacci•2w ago
re: unattended setup.

You're both right - Apple's official zero-touch setup requires MDM + DEP, which needs Apple Business Manager (and yes, a DUNS number).

But for VMs specifically, DEP doesn't work anyway - VMs don't have real serial numbers that can be enrolled in Device Enrollment Program.

VNC-based setup automation is the only practical option - it's what the ecosystem has converged on for macOS VMs. Lume connects to the VM's VNC server and programmatically tabs, clicks, types through Setup Assistant.

arianvanp•2w ago
I wish the virtualization framework would allow you to simulate your own MDM stuff. Would be very useful for integration testing MDM implementations themselves...
frabonacci•2w ago
re: https://github.com/dockur/macos

A closer comparison here is Lumier, which provides a "Docker-like" interface to spin up VMs with a noVNC server: https://cua.ai/docs/lume/guide/advanced/lumier/docker

The key difference: dockur/macos uses QEMU+KVM, which only works on Linux hosts. It can't run on macOS hardware since Apple doesn't expose KVM. See: https://github.com/dockur/macos/issues/256

jamescampbell•1w ago
If you run say ollama in docker vs native you lose MPS (metal core like the way CUDA works but Mac) which is really a deal breaker to do any AI work via docker for doing things with local models, which is my use case to have a full fast VM inside my mac.
cmckn•2w ago
I tried to set up a macOS VM recently so I could run an old version of iTunes to manage my iPods. I found it nearly impossible to even download an installer for older versions of the OS, and could never get it working. Where can one acquire an IPSW for, say, macOS Mojave? My understanding is this is not the same thing as the “Install macOS.app”?
samtheprogram•2w ago
For a version of macOS that old, you’d probably want a dmg, which you can create with createinstallmedia if you have the Install macOS.app. Not sure if it’s supported with Lume as it’s the first time I’ve heard of it.
LoganDark•2w ago
Mojave never was an IPSW, because it never ran on Apple Silicon. I imagine this tool might just not support that at all.
frabonacci•2w ago
LoganDark is right. I've personally never tried, and don't think it'd be easy for any macOS predating Apple Virtualization Framework. For that you'd need something like UTM since they're relying on QEMU - these configs might help: https://github.com/adespoton/utmconfigs
cmckn•2w ago
Ahh I see. UTM was what I was trying, so I’ll give those a look! Thanks
illithid0•2w ago
I was trying to do something similar last year and gave up because it felt futile. That said, it was the push I needed to try Rockbox, and I haven't looked back. Managing things via the file system is really nice.
cmckn•2w ago
I started on my Linux box and despite many apps claiming to support iPods, none would actually work. I ended up getting an old Mac mini running again and I’m using that for now. I’ve never given Rockbox a good look, I should check it out.
CharlesW•2w ago
I like to use MIST (macOS Installer Super Tool) to grab old macOS versions: https://github.com/ninxsoft/Mist

Apple also provides instructions for downloading many older macOS versions via your terminal: https://support.apple.com/en-us/102662#terminal

frabonacci•2w ago
Nice, thanks for sharing! It'd be interesting to integrate MIST into lume's ipsw command - right now Apple's native features in Apple Vz only provides download links for the latest supported version of the host, so grabbing older versions requires workarounds like this.
ahmadyan•2w ago
I believe this is using Virtualization.framework and not Containerization API from Tahoe, right?

Is there a limit on number of instances you can have per physical mac? i recall there was a hard limit of 2 because of EULA, unless Apple has changed it. (Cupertino really likes to sell you their Macs)

frabonacci•2w ago
Correct, Containerization APIs are Linux VMs specific.

There's a kernel-level check in the Hypervisor framework that enforces the 2 VM limit, and bypassing it violates Apple's EULA.

Nice technical deep-dive on the how here: https://khronokernel.com/macos/2023/08/08/AS-VM.html

eptcyka•2w ago
How is the networking? Tart broke networking in Tahoe. Would love to see this work, setting up base images has always been a massive pain.
frabonacci•2w ago
We haven't observed any networking degradation with Lume on Tahoe so far - things have been working smoothly in our testing. Give it a try and let us know if you run into any issues!
fkorotkov•2w ago
Can you elaborate on what got “broken” on Tahoe?
abrookewood•2w ago
"We built a VNC + OCR system that clicks through macOS Setup Assistant automatically" - that is both awesome and annoying. I guess I assumed that Apple supported some form of unattended setup.
frabonacci•2w ago
Yeah, Apple intentionally provides no unattended setup. Plus any process trying to control the UI programmatically needs explicit accessibility permissions, which defeats the purpose.

So we just click through like a human would via VNC. Version-specific but works with their security model rather than against it.

abrookewood•2w ago
That's a great approach.
fartfeatures•2w ago
How does this compare to something like Tart and shapehq/tartelet
frabonacci•2w ago
Both use Apple's Virtualization Framework, so core VM performance is similar. Main differences are around agent-first design (HTTP API, MCP server), unattended setup via VNC + OCR, and registry support for VM images.

We've also built a broader ecosystem on top - the Cua computer and agent framework for building computer-use agents: https://cua.ai/docs

We went through the comparison with Tart, Lima etc here: https://github.com/trycua/cua/issues/10

fartfeatures•2w ago
Thanks for answering, makes sense.

Not seeing any reference to Tart at that link. Tart also has registry support for VM images it treats them very much like Docker images, is that what you are doing too?

Is it worth putting a comparison up somewhere other than a Github thread? Seems to be a frequently asked question at this point.

Also worth drawing attention to Tart being source available not open source.

frabonacci•2w ago
Thanks for the feedback! You're right that a proper comparison page beats hunting through GitHub issues.

We just put one together (with some help from Claude Code, naturally): https://cua.ai/docs/lume/guide/getting-started/comparison

fartfeatures•2w ago
Thanks much appreciated, the "Registry Support" section is weird though. Isn't GHCR an instance of an OCI registry? The when to choose Loom in the Tart section should also mention licensing, it is relevant at the choosing point.
frabonacci•2w ago
Good catches, thanks! Just updated the page:

Fixed the registry description—you're right, GHCR is an OCI registry. Both tools use OCI-compatible registries, we just default to GHCR/GCS.

Added licensing to the "when to choose" sections.

fartfeatures•2w ago
Good changes, like the new theme too, I'd still match the two boxes if it were me (both should read OCI registry and optionally include GHCR but they should be identical)
torarnv•2w ago
> Lume automates the macOS Setup Assistant via VNC and OCR, creating ready-to-use VMs without manual clicking. Tart relies on Packer plugins for automation.

This feels disingenuous. Tart has unattended setup support as well, and it's based on the same VNC + OCR technique as Lume. In fact Tart had it first, and your approach seems to be heavily inspired by it. In addition the boot command instructions you're using came from https://github.com/cirruslabs/macos-image-templates/

The only material difference is whether it's built-in or integrated via Packer.

frabonacci•2w ago
Fair point - both use VNC for unattended setup. The difference is implementation: Tart does it via a Packer plugin (Go), we built it natively in Swift with a customizable YAML schema that's less error-prone. User-facing difference is --unattended flag vs Packer workflow.
JSR_FDED•2w ago
Looked at Lume before and it was already very impressive then. For this unattended use case this looks amazing.

Slight tangent - do the VMs have decent graphics performance? I live in fear of one day accidentally pressing the Update button and being forced into the GUI mess that is Tahoe. Knowing I could just use a VM with Sequioa as my primary desktop would dramatically lower my anxiety.

frabonacci•2w ago
Thanks! On graphics - currently it's paravirtualized via Apple's Virtualization Framework, so basic 2D acceleration but no GPU passthrough. Fine for desktop use, web browsing, coding, productivity apps. Wouldn't recommend it for anything GPU-intensive though.

Good news is there are hints of GPU passthrough coming (_VZPCIDeviceConfiguration symbol appeared in Tahoe's Virtualization framework), so that might land in a future macOS release. We're keeping an eye on it.

JimDabell•2w ago
> We built a VNC + OCR system that clicks through macOS Setup Assistant automatically.

You can automate at least some of this with `defaults write` commands or copying files to the right places. If you look at what some existing MDM platforms do you should be able to do this a lot more efficiently.

frabonacci•2w ago
MDM platforms can skip Setup Assistant, but they require the device to be pre-enrolled in Apple Business Manager before first boot - VMs can't be enrolled in ABM, so those hooks aren't available.

defaults write only works after you have shell access, which means Setup Assistant is already done.

There are tools that modify marker files like .AppleSetupDone via Recovery Mode, but that's mainly for bypassing MDM enrollment on physical Macs - you'd still need to create a valid user account with proper Directory Services entries, keychain, etc.

The VNC + OCR approach is less elegant but works reliably without needing to reverse-engineer macOS internals or rely on undocumented behaviors that might break between versions.

saagarjha•2w ago
Surely your VNC script is guaranteed to break between versions
pjmlp•2w ago
This at least feels more natural than writing Swift scripts.
kxbnb•2w ago
The MCP Server integration is a great addition - being able to have Claude manage VMs directly opens up interesting sandboxing patterns for agent workflows.

One thing I've been thinking about with agents running in isolated environments: how do you handle visibility into what API calls the agent is making from within the VM? Right now we rely on proxying outbound requests to see what's actually happening. Does Lume expose any of that through the MCP interface?

Nice work on the unattended setup - that's usually the painful part.

frabonacci•2w ago
Thanks! On API call visibility - Lume's MCP interface doesn't expose outbound network traffic directly. It's focused on VM lifecycle (create, run, stop) and command execution, not network inspection.

For agent observability, we handle this at the Cua framework level rather than the VM level:

- Agent actions and tool calls are logged via our tracing integration (Laminar, OpenTelemetry) - You can see the full decision trace - what the agent saw, what it decided, what tools it invoked - For the "what HTTP requests actually went out" question, proxying is still the right approach. You could configure the VM's network to route through a transparent proxy, or set up mitmproxy inside the VM. We haven't built that into Lume itself since network inspection feels orthogonal to VM management.

That said, it's an interesting idea - exposing a proxy config option in Lume that automatically routes VM traffic through a capture layer. Would that be useful for your workflow?

jamescampbell•1w ago
I already use UTM and make a gold standard image that I setup once as beginning state snapshot. What am I missing here? This seems like it would take longer and more brittle to do the same thing? I also configure RAM, HD size, and CPU as well as networking and shared drives.